﻿using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;

namespace Läxomatic
{
    public partial class EditProfile : Form
    {
        public EditProfile()
        {
            InitializeComponent();
            List<string> temp = new Tabell<string>(Myskul.Command("SELECT fName,lName,email from user AS u JOIN teacher AS s ON (s.userId = u.id) WHERE u.loginname = '" + SavedData.user + "';")).getRow(0);
            txt_fName.Text = temp[0];
            txt_lName.Text = temp[1];
            txt_email.Text = temp[2];
            //Hämtar och fyller i nuvarande personuppgifter.
        }
        // Kollar så alla värden är ifyllda, försöker logga in. Vid misslyckande visas diverse errors.
        private void btn_ok_Click(object sender, EventArgs e)
        {
            lbl_error.Visible = false;
            if (txt_password.Text == txt_repeatPass.Text)
            {
                if (checkFilledIn())
                    if (login(txt_pass.Text))
                    {
                        changePosts();
                        this.DialogResult = DialogResult.OK;
                    }
                    else
                    {
                        lbl_error.Text = "Du har angivit ett felaktigt lösenord!";
                        lbl_error.Visible = true;
                    }
                else
                {
                    lbl_error.Text = "Fyll i alla obligatoriska fält";
                    label1.Visible = true;
                    label8.Visible = true;
                    label9.Visible = true;
                    lbl_error.Visible = true;
                }
            }
            else
            {
                lbl_error.Text = "Du måste repetera samma lösenord!";
                lbl_error.Visible = true;
            }

        }
        //log-in, salt hämtas, körs tillsammans med anvnamn och password igenom en sha256 hash, checksumman kontrolleras sedan mot den lagrade.
        private bool login(string password)
        {
            string username = SavedData.user;
            Tabell<string> Salt = new Tabell<string>(Myskul.Command("select salt FROM user where loginname= '" + username + "';"));
            string checksum = Safety.getHashSha256(Salt.getFirstElement() + username + password, 17);
            Tabell<string> userExist = new Tabell<string>(Myskul.Command("SELECT * FROM user AS u JOIN teacher	AS s ON (s.userId = u.id) WHERE u.checksum = '" + checksum + "'"));
            if (!userExist.isEmpty())
                return true;
            else
                return false;
        }
        //Om allt stämmer, ändras posterna i användaren beroende på de ifyllda värderna. Användarnamnet går ej att byta.
        private void changePosts()
        {
            string id = new Tabell<string>(Myskul.Command("SELECT u.id FROM user AS u JOIN teacher AS s ON (s.userId = u.id) WHERE u.loginname = '" + SavedData.user + "';")).getFirstElement();
            if (txt_password.Text != "")
            {
                string salt = Safety.getSalt();
                string username = new Tabell<string>(Myskul.Command("SELECT u.loginname FROM user AS u JOIN teacher AS s ON (s.userId = u.id) WHERE u.loginname = '" + SavedData.user + "';")).getFirstElement();
                string checksum = Safety.getHashSha256(salt + username + txt_password.Text, 17);
                Myskul.Command("UPDATE user SET salt = '" + salt + "', checksum ='" + checksum + "' WHERE id='" + id + "';");
            }
            Myskul.Command("UPDATE user SET fName = '" + Myskul.checkIntrusion(txt_fName.Text) + "', lName ='" + Myskul.checkIntrusion(txt_lName.Text) + "', email ='" + Myskul.checkIntrusion(txt_email.Text) + "' WHERE id='" + id + "';");
        }
        //Kollar så att alla värden är ifyllda.
        private bool checkFilledIn()
        {
            foreach (Control c in this.Controls)
            {
                if (c is TextBox && !(c.Name.ToString() == "txt_password" || c.Name.ToString() == "txt_repeatPass"))
                {
                    if (c.Text == "")
                        return false;
                }
            }
            return true;
        }
    }
}
